25 matches found
firefox: multiple issues
CVE-2016-0718 arbitrary code execution Out-of-bounds read during XML parsing in Expat library. - CVE-2016-2830 information disclosure Favicon network connection can persist when page is closed. - CVE-2016-2835 CVE-2016-2836 arbitrary code execution Mozilla developers and community members...
Mozilla: Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback (MFSA 2016-77)
Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...
CVE-2016-2837
Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...
CVE-2016-2837
Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...
Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback — Mozilla
An anonymous security researcher working with Trend Micro's Zero Day Initiative reported a buffer overflow in the ClearKey Content Decryption Module CDM used by the Encrypted Media Extensions EME API. This vulnerability can be triggered using a malformed video file due to incorrect error handling...